Stupid Chinese Phishers

by

Hilarious…

I just got an email that LOOKs like it’s from my ISPs tech support stating that my email box was over it’s size limit and that I need to send my username date of birth and my password.  I guess they think people are stupid… It is true that some people don’t understand how the Internet works and all that jazz, so here is an example of a phishing attempt:

Return-Path: <???@cox.net>
Received: from fed1rmimpo03.cox.net ([70.169.32.75])
          by fed1rmmtao105.cox.net
          (InterMail vM.8.01.03.00 201-2260-125-20100507) with ESMTP
          id <20101217020426.SCEQ14403.fed1rmmtao105.cox.net@fed1rmimpo03.cox.net>;
          Thu, 16 Dec 2010 21:04:26 -0500
Received: from fed1rmwml45 ([172.18.140.217])
    by fed1rmimpo03.cox.net with bizsmtp
    id k24R1f00V4hdPEs0424SSH; Thu, 16 Dec 2010 21:04:26 -0500
X-VR-Score: 250.00
X-Authority-Analysis: v=1.1 cv=nEJmMjsgzJU/SHHRi/ff9TR/+4hQZ6PdArDqWXwhaYs=
c=1 sm=1 a=7JPxGY7UWogA:10 a=Z6WwYdEpHsUA:10 a=IkcTkHD0fZMA:10
a=CA97L4c2R2SWvNNgQse4rQ==:17 a=3jeaj8TJhsEvuDWdkqEA:9
a=M0rs3pqq-AeiF7N4e-brOSH1j9MA:4 a=QEXdDO2ut3YA:10
a=CA97L4c2R2SWvNNgQse4rQ==:117
X-CM-Score: 0.00
Authentication-Results: cox.net; none
Received: from 76.163.252.90 by webmail.west.cox.net; Thu, 16 Dec 2010 21:04:25 -0500
Message-ID: <20101216210426.4HQ9A.504169.imail@fed1rmwml45>
Date: Thu, 16 Dec 2010 18:04:26 -0800
From:  <???@cox.net>
Reply-To: ba3@onfruit.cn
Subject: Information!!
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
Sensitivity: Normal

Your MailBox Has Exceeded It Quota As Set By Your Administrator And you Can Not Be Able To Receive Or Send New Mails Until You Re-Validate. ToRe-Validate your account, enter your account informations below"

Email:
Password:
Date of birth:

Account owner that refuses to maintain his or her account will looseaccount. permanently from our site. Warning Email user that refuses tomaintain his/her account we have the account deactivated permanently.

Thanks for using Cox,
Cox Comm Team 2.0.1.0.

IF you happen to hit reply it goes to ba3@onfruit.cn which is where they harvest your email username and password and then lock you out of your own account.  The message certainly wasn’t going to go to MY ISP.

In this case the true stupid ones here are the originators of the message because they can’t spell or use proper English.

Always check stuff before you click on it.  It’s very easy to get a virus or lose control of your account.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.